12 Easy Steps for Boosting Your Organizational Protection Against Malware

  1. Install

    a. Install an Antivirus program and ensure that it is always up-to date.

    b. Install a firewall – either hardware or software – to deny access to your network/computer from locations outside of your gateway. Most operating systems offer a built-in software firewall; ensure that it’s turned on and stays on.

  2. Keep everything updated. Make sure that your entire computing environment is fully patched:

    • Operating system

    • Applications such as Adobe Acrobat and Reader

    • Browsers

    • Browser plugins such as Adobe Flash, etc.

    • Other applications that access the web

    Most applications can periodically check for updates automatically; ensure that this feature is enabled.

  3. Use a Non-Admin Account. If you normally run your Windows machine with an account that has administrative privileges, it also means that malicious activity on your session can use those same privileges – letting an attacker do anything they want to your system. Therefore, it is strongly recommended to create an account that does not have admin privileges enabled, and use that for day-to-day operations.
  4. Use passphrases, not passwords. In other words, don’t use just alphabetic characters. Use a combination of upper and lower case characters, numbers, and special symbols. Take a look at how long it would take for a single desktop PC to crack different kinds of passwords:
    Password ContentsLength=8Length=10
    Lower case characters13 minutes6 days
    Lower and upper case characters2 days18 years
    Lower and upper case characters
    plus numbers
    10 days106 years
    All of the above plus special symbols57 days928 years

    Password Padding – Many people use their favorite pet’s name as a password – that’s a terrible idea! However, by padding that name with easily-remembered numbers and symbols, the password can be transformed to become extremely hard to crack. Let’s start with the name “Sophie” (upper case S, lower case “ophie”) and build on that:

    PasswordTime to Crack
    SophieLess than one second
    Sophie*157 days
    -Sophie*1-928 years
    –Sophie*1–Five million years
    —Sophie*1—32 billion years

    You can see that by padding a name with easily remembered numbers and repeated special characters, the password’s strength can be improved tremendously.

  5. Stop and think before you click on links or open attachments in emails. Don’t open suspicious emails attachments directly – save them and then have your antivirus tool scan them . Don’t click on links in emails requesting your personal details. Always sign out when you’ve finished reading your email. You should treat all emails as suspicious – even an email from a friend may be infected.
  6. Turn off/Rename/Password protect the Guest account if your operating system comes with one, as is the case with most versions of Windows.
  7. Turn off auto-play and auto-run. These are off by default in more recent versions of Windows, but you should still check to verify that they’re still disabled.
  8. Disable “File Sharing”
  9. Secure your wireless network. If you are using a wireless router/modem, change the default administrator password to something robust as discussed above. Use WPA or WPA2 encryption – WEP is an older standard and is no longer considered secure. Also, disable the router’s ability to be administrated from its WAN side. Refer to your router/modem manual for further details.
  10. Take care with shortened URLs. URL Shortening services such as bit.ly and TinyURL can mask the actual destination site, with the result being that your browser could be directed to a malicious site without you knowing it until it’s too late. Some URL shortener services allow you to preview the actual URL before going there – avoid using services that do not support this.
  11. Watch for odd file extensions such as used in “help.txt.vb” and “mother.jpg.exe”. While .txt and .jpg are usually benign extensions, your system will usually only recognize the last extension – .vb or .exe – which will then run and potentially infect your system.
  12. Manage how scripts are run in your browser. Browser plugins such as NoScript for Mozilla Firefox and ScriptNo for Google Chrome can provide a great deal of protection against malware on the web that depends on scripting or (JavaScript, ActiveX) or applications that can execute code (Adobe Flash, Java). These plugins let you selectively “white list” websites and web resources. When a site is first visited, the plugin blocks scripted resources from being able to run. You can then temporarily or permanently enable those resources if you deem them safe; from that point on the site will behave normally.
This website uses cookies to ensure you get the best experience. Got it, Thanks! MORE INFO